For the enterprise, the greatest challenges in cyber security today exist at the individual level and in protecting perimeter operating environments. Hackers are now aiming their attacks at these junctures, knowing they are the least defended and likely to hold the information they value most: data that is easily resold or can be collected and curated for financial fraud and future phishing schemes. Examples of these attack targets are remote offices and branches, personal residences and vacation homes, mobile locations, public networks, and points up and down the corporate supply chain. In this report, we will suggest new thinking and a new approach that will substantially mitigate the risks and enhance ROI not just with employees and perimeter environments, but across the enterprise.

IT Security

 

Investment in defensive technology is still a prerequisite for survival in the online arena. However, technology in itself will not suffice. Unlike the IT security threats of just a few years ago, many attacks in modern cyber warfare are aimed at individuals and their personal information, including that of employees, customers, patients, vendors, and business associates. At the employee level and when protecting the perimeter environment, it takes much more than good technology to defend against cyber-attacks. It's at these junctures where employee awareness, behavior, and operating compliance are the foremost elements of successful IT security today.

A Holistic Approach to Cyber Security

The delta, or chasm, between hyper-changing technology and mainstream users, is going parabolic and creating an increasing level of apathy. This phenomenon lies at the core of our challenges. And yet, considering the deep, broad engagement with technology in mainstream life today, the risks to individuals are similar to the risks to the enterprise. Information security, loss of data, financial fraud, reputational risk, and other risks are all common to both individuals in their personal lives, and the daily operation of an enterprise. 

Partnering with your employees for cyber risk education and training and approaching cyber risk holistically puts the individual at the center of the solution. Focusing on individuals, and addressing cyber security as a lifestyle applicable across employees’ roles and responsibilities both personally and professionally, significantly raises awareness, and increases the employee's application and retention of safe practices. This holistic approach can provide the impact and ROI needed for increased effectiveness and individual compliance.

With these concepts in mind, we make the following recommendations:

  1. The IT department can't solve or sufficiently mitigate the problem alone, and requires partnership across the organization. 

  2. Buy-in is required across the organization and visible leadership and support from the top down are necessary to inculcate necessary change and adoption.

  3. Firm-wide cyber security training must go beyond the enterprise and IT-centric view, and address the issues from an individual's standpoint for empowerment beyond the workplace to enhance effectiveness, buy-in, and long-term retention.

  4. Analyze the perimeter environments and be concerned with remote locations, mobile users, and the supply chain as potential weak points in the system. Think about people and how they connect at the perimeter to add additional security measures at that juncture. 

  5. Have a plan with roles and responsibilities especially as it pertains to the reporting process of an attack or breach.

  6. Follow newly emerging innovation in the cyber security industry. After decades of stagnancy, fresh investment capital has been stimulated by the privacy and information security regulatory environment and increasing consumer awareness. A new wave of entrepreneurs is disrupting the industry with innovative solutions that are becoming increasingly effective and user-friendly. Find applications for these new solutions at the individual user level, and in the perimeter operating environments.

  7. Subsidize the protection of your employees’ homes and families from cyber risk.

#7 on our list of recommendations may be the most economically rewarding measure a firm can take, and is a direct application of the holistic approach. Additionally, it can play a distinct role in optimally positioning the enterprise for managing the risks of the future, driving ROI for years to come.

IT Security as an Employee Benefit

Protecting Your Employees' Homes and Families from Cyber Risk

The Four Fundamentals of Personal Cyber Security

The Four Fundamentals is an approach relevant to individuals, yet has direct application to employees in the workplace.

 

1. Protect the Device – Smartphones, laptops, pads, tablets, and about anything that connects online should be protected using state-of-the-science device protection solutions. Fortunately, recent innovations have brought high-quality and effective protection systems that once were available only to large, server-centric networks, and made them available to individuals and their devices to function securely in all environments and over any networks.

  • Device protection should include remote management features that eliminate the need for user-input or behavioral modifications.

  • Real-time antivirus, browser and application protections, and the host of defenses standard with most high-quality solutions, are essential.

  • Lock and Erase functions are optional.

  • Password management applications should work seamlessly across mobile device platforms, and the enterprise should sponsor software purchases and training for all employees.

  • Automatic updating and patching of operating system software and other, vulnerable 3rd party applications such as Adobe and Java.

  • Increasingly, collaborative threat intelligence resources are coming to bear for actionable, real-time, preemptive defenses.

  • Algorithms will increase in effectiveness and application to predict and defend from future threats as they morph and evolve.

These automated and remotely managed functions will dramatically mitigate the risk of attacks to individuals and their devices, regardless of location.

 

2. Protect the Connection – Once the individual device connects online, more defenses are required to protect the information transmitted over the Internet.

  • In addition to protection, each individual device should have a VPN, or Virtual Private Network, for automatic encryption of Internet traffic. A good VPN will protect the user’s identity, location, browsing, shopping, banking, and all information transacted online, including over public WiFi networks.

  • Consumer-level or “retail” VPN services have to date been clunky to use and unpredictable in their operation. Recent innovation and new distribution models are providing much better performance and experience, and the improvements are expected to continue over the near future.


3. Protect Email Communication – In many cases, email is the “barn-door” for personal information. Unfortunately, especially in the U.S., email is expected by many consumers to be “free”, and this has distracted us from some of the basic notions of the value of privacy today.

  • Use a service that automatically strips IP location and metadata information from individual emails as they travel the Internet.
  • Use services that employ open-source software for ultimate security, portability, and compatibility across technology architecture and platforms.

  • Private email accounts can act as multi-generational digital domains for your employees and families, and provide a cyber-safe-room for decades to come.

  • Private email as an employee benefit communicates full engagement of the enterprise and its leadership to every individual, inside and out of the organization. 


4. Protect and Backup Electronic Documents and Files – Remote backup services are easy and cheap, and the convenience of the cloud is great, but critical documents deserve a digital vault.

  • For scanned passports, social security cards, birth certificates, wills, trusts, tax returns, and the other documents that are core to our personal lives.

  • Easy-to-use but highly secure digital vaults act as a safety-deposit-box for sensitive documents.

     

The innovation in IT security technology we mentioned earlier is driving ease of use and efficacy, and represents great value. And, true to the nature of technology, these attributes will increase with time. Engaging your employees with this technology in a fashion that is relevant to their daily activities in their personal lives will dramatically increase awareness and compliance at the workplace.

 
